LeakyCreds

CVE-2026-3587 - Vulnerability Analysis

Critical | CVSS: 10.0

Last Updated: March 23, 2026

Linux-based Device - Privilege Escalation

Published: March 23, 2026 | Updated: March 23, 2026 | Remote Exploitable

Overview

A Linux-based device contains a privilege escalation vulnerability caused by a hidden function in the CLI prompt, which lets unauthenticated remote attackers gain root access. Exploitation requires remote access to the CLI.

Severity & Score

Severity: Critical
CVSS Score: 10.0
EPSS Score: 0.0% (Probability of exploitation in next 30 days)

Impact

Unauthenticated remote attackers can gain root access, leading to full device compromise.

Mitigation

Update to the latest version with the fix applied.

Social Media Activity (6 posts)

Offensive Sequence
@offseq
Mar 23, 2026

WAGO 852-1812 switch hit with CRITICAL CVE-2026-3587 (CVSS 10.0): hidden CLI lets remote attackers gain root with no auth. No patch yet. Isolate, restrict access, & monitor closely. https://radar.offseq.com/threat/cve-2026-3587-cwe-912-hidden-functionality-in-wago-a4c55a72 #OffSeq #ICS #Infosec #Vulnerability

TheHackerWire
@thehackerwire
Mar 23, 2026

🔓 CVE-2026-3587 - Critical (10) An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface and gain root access to the underlying Linux based OS, leading to full compromise of the device. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3587/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CERT@VDE
@certvde
Mar 23, 2026

#OT #Advisory VDE-2026-020 WAGO: Vulnerability in managed switches A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function. #CVE CVE-2026-3587 https://certvde.com/en/advisories/vde-2026-020/ #CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-020.json


Details

CVE ID: CVE-2026-3587
Severity: Critical
CVSS Score: 10.0
Type: broken_access_control
Status: new
EPSS: 0.0%
Social Posts: 6

CWE

  • CWE-912

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS Score

0.0% (Probability of exploitation in the next 30 days)